CVE-2012-2239

Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files or create TCP connections via an XML external entity (XXE) injection attack, as demonstrated by reading config.php.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://mahara.org/interaction/forum/topic.php?id=4869	Vendor Advisory
https://bugs.launchpad.net/mahara/+bug/1047111
http://www.debian.org/security/2012/dsa-2591

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mahara:mahara:1.5.2:::::::*
	cpe:2.3:a:mahara:mahara:1.5.1:::::::*
	cpe:2.3:a:mahara:mahara:1.5:rc1::::::
	cpe:2.3:a:mahara:mahara:1.1.5:::::::*
	cpe:2.3:a:mahara:mahara:1.4.1:::::::*
	cpe:2.3:a:mahara:mahara:1.4.0:::::::*
	cpe:2.3:a:mahara:mahara:1.4:rc4::::::
	cpe:2.3:a:mahara:mahara:1.4:rc1::::::
	cpe:2.3:a:mahara:mahara:1.5:rc2::::::
	cpe:2.3:a:mahara:mahara:1.4.3:::::::*
	cpe:2.3:a:mahara:mahara:1.4.2:::::::*
	cpe:2.3:a:mahara:mahara:1.4:rc3::::::
	cpe:2.3:a:mahara:mahara:1.1.4:::::::*
	cpe:2.3:a:mahara:mahara:1.5.0:::::::*
	cpe:2.3:a:mahara:mahara:1.4:rc2::::::

Information

Published : 2012-11-24 20:55

Updated : 2013-02-08 04:50

NVD link : CVE-2012-2239

Mitre link : CVE-2012-2239

JSON object : View

Products Affected

mahara

mahara

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://mahara.org/interaction/forum/topic.php?id=4869", "name": "https://mahara.org/interaction/forum/topic.php?id=4869", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://bugs.launchpad.net/mahara/+bug/1047111", "name": "https://bugs.launchpad.net/mahara/+bug/1047111", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2012/dsa-2591", "name": "DSA-2591", "tags": [], "refsource": "DEBIAN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files or create TCP connections via an XML external entity (XXE) injection attack, as demonstrated by reading config.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-94"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-2239", "ASSIGNER": "security@debian.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-11-24T20:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.5:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.5:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mahara:mahara:1.4:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2013-02-08T04:50Z"}